5-year-old malware still targeting EMRs

A piece of malware known as Stegoloader continues to wreak havoc on healthcare companies that inadvertently download it under the guise of product keys. The malware steals information from infected machines and spreads itself through the compromised network. Keep reading to find out how this infection can affect your business data and what you can do about it.

What is Stegoloader?

The trojan known as Stegoloader infects machines through product key generators packaged with downloads of pirated software. Small companies have been targeted by the malware, particularly those in the healthcare industry -- and to a lesser extent, the insurance and technology sector.

Steganography is a cyber attacker term for hiding malware inside an image file. Once the image is opened on a vulnerable machine, the program gathers information and crawls through the network looking for weaknesses. Although Stegoloader doesn’t appear to be a particularly sophisticated program, it can devastate your business by stealing electronic medical records as well as installing a secondary piece of malware to pilfer banking information.

Anthem and Premera Blue Cross are two big-name victims of the widespread malware. Symantec believes that Stegoloader’s creators plan to sell healthcare data because they’re more lucrative than other information types. Symantec also believes the cyber attackers are opportunistic, taking advantage of companies that download pirated versions of popular software.

How to Avoid becoming infected by Stegloader

Because the Stegoloader trojan often lurks in illegal product key generators and illegitimate software, the best way to avoid infection is to stay away from sites that offer pirated software. Other than that, we recommend educating your employees on safe practices, avoiding unknown image files and quarantined backups, and updating operating system and antivirus software as often as possible.

When business owners download pirated software, they’re trying to cut corners to save money on business applications and technology consultants. But not only are they getting themselves in trouble with cyber attackers, they’re also messing with the law. We promise that partnering with us will end up saving you more money and hassle than the alternatives. If you’re looking for a better way to protect your company and keep your information safe, contact us today.